A zombie computer, or “drone,” is a computer that has been secretly compromised by hacking tools which allow a third party to control the computer and its resources remotely. When the zombie computer connects to the Internet, the remote hacker can clandestinely make contact with the computer to mine data from it or use it for any number of purposes. Communication between the hacker and the computer travels through back channels of the targeted system, keeping these processes hidden from the owner.
The hacking tools used to establish hidden control in a remote computer are collectively referred to as a rootkit. A rootkit isn’t considered malware, as there are legitimate uses for rootkits in networking. However, rootkits can also be used to target random computers on the Internet. Once a computer picks up a rootkit, it becomes an “unwilling accomplice” of the hacker, blindly following instructions, leading to the name “zombie computer.”
A hacker has full access to data and resources on a zombie computer. The infiltrator can copy, infect, corrupt or even erase the entire hard drive. He or she can also install tools that will report everything typed into the zombie computer, including usernames, passwords and financial data like credit card numbers and bank accounts. This private information can be used to commit fraud or identity theft, or can be sold or traded to others.
In addition to the violation of personal privacy and the dangers that brings, the perpetrator can also use the zombie computer to engage in illegal online activities. A hacker who compromises many computers can combine them into a zombie network, called a “botnet.” The hacker can control the zombies by broadcasting single commands, negating the need to communicate with each target individually. The botnet becomes a kind of army to do the hacker’s bidding. Botnets are used to send spam, attack websites, perpetrate phishing scams, commit click-fraud, and grow larger botnets by infecting new computers that are vulnerable to attack.
Unfortunately, the risk of your system falling victim to a zombie computer attack might be greater than you imagine. In highly publicized reports from 2005, one dismantled botnet controlled by three young men in the Netherlands included 1.5 million zombie computers. In the United States, teenagers termed “script kiddies” are competitively building botnets to gain peer recognition, and in 2000, a Canadian 15-year-old boy used zombie drones to bring down several large websites, causing 1.7 million US dollars in damages.
To minimize the growing threat of your computer being turned into a drone:
- Keep your anti-spyware and anti-virus software current.
- Use a firewall.
- Delete spam without opening it.
- Avoid installing programs from untrusted sources.
- Don’t allow untrusted websites to install software.
- Keep your operating system and Web browser current with the latest hotfixes.
- Use a good anti-rootkit program weekly to scan for rootkits.
- Back up your system each week after a clean scan.
In many cases, there is excellent freeware available to help you with these tasks. By taking these precautions, you will greatly reduce the chances of being targeted by a botnet or zombie computer scanning for new drones.